Authentication of users is important to prevent unauthorized access to computer systems and networks. Many studies show keystroke dynamics can be used to uniquely identify users. A study, sponsored by National Bureau of Standards in 1980 and conducted by Stanford Research Institute for keystroke-based authentication, reported 98% authentication when the users type in their identifiers and passwords alone. BioPassword Technical Report, BioPassword Keystroke Dynamics, October 2001 (BPTR). In 1980, Rand Corporation concluded the practicality of typewriter keyboard dynamics. Barton and Barton, in 1984, suggested the use of keyboard characteristics in the determination of passwords. In 1985, observations about the keying patterns of telegraph operators showed each operator exhibited a distinct keying pattern. Umphress, D. et al., “Identity Verification Through Keyboard Characteristics”, Int'l Journal of Man-Machine Studies, 23(3): 263-273, 1985 (Umphress).
Leggett et al., “Verifying Identity via Keystroke Characteristics”, Int'l Journal of Man-Machine Studies, 28(1): 67-76, 1988 (Leggett), M. Brown et al., “User Identification via Keystroke Characteristics of Typed Names using Neural Networks”, Int'l Journal of Man-Machine Studies, 39(6): 399-1014, 1993 (Brown), Monrose et al., “Authentication via Keystroke Dynamics”, Proc. of the ACM Workshop, pp. 48-56, 1997 (Monrose), Robinson et al. “Computer User Verification Using Login String Keystroke Dynamics”, IEEE Transactions on Systems, Man, and Cypernetics-Part A: Systems and Humans, Vol. 28, No. 2, March 1998, pp. 236-241 (Robinson), Bleha et al., “Computer-Access Security Systems Using Keystroke Dynamics”, IEEE Transactions on Pattern Analysis and Machine Intelligence, PAMI-12(12): 1217-1222, December 1990 (Bleha) have developed methods based on keystroke dynamics for verification of users with successful results. Gaines et al., “Authentication by Keystroke Timing: Some Preliminary Results”, Rand Report R-256-NSF, Rand Corporation, 1980 (Gaines), and U.S. Pat. No. 4,805,222 issued to Young et al. (Young '222) covers user identification based on keystroke dynamics. Products based on keystroke latencies, like BioPassword®, a registered trademark of BioPassword, Inc. of Issaquah, Wash., promise highly accurate authentication based on keystroke latency [BPTR].
U.S. Pat. No. 6,151,593 issued to Cho et al. (“Cho”) discusses a keystroke dynamics verification system that uses neural networks to perform verification. “Neural network” (“NN”) is a generic term that describes a broad range of data processing schemes. NN methods often show good results when applied to problems of identifying or classifying entities on the basis of noisy, variable, or incomplete data, but many specific NN implementations have drawbacks that make their use inconvenient or impractical in many situations. For example, a multilayer perceptron NN can be trained to distinguish a number of users by their keystroke patterns, but adding a new user to the group or removing an existing user requires that the NN be completely retrained. Other specific NN implementations may have similar difficulties.